safemode with laninstall d7ii - set autologon, do audit & screenshot system infobackup reg hives, create restore point (to make sure it works), purge all restore points, then re-create one.auto-profile the malware tab: most but not all of the pre-removal tab then run these... Ccleaner auto, MBAR, TDSSKiller, adw cleaner, combifix (read the log), JRT, hitman pro, rogue killer, GMER, super anti spyware, malwarebytes v2, tweaking aio repair.I'll then reset browser settingsuse Ccleaner to delete browser extensions and scheduled tasks & visual aide for installed nastieswould have ran dUninstaller in pre-removal but will run geek uninstaller and/or revo depending on what ccleaner showed. If system is really bad i may also do stinger and emsisoft.open each browser and check homepage, add-ons, extensions, etc.

-- When happy system is clean --

run a ninite installer for run-times, adobe reader, sumatraPDF, codecs, auslogics & MalwareBytesV2 (d7ii version gets deleted on end session).install unchecky, adblocker for installed browsers and full install of Ccleaner (again d7ii version gets deleted). will also install our dSS app AfterCare.will leave ninite installer for classic shell if win8/.1 on desktop for customer if not already installed.

Great ideas. Do you guys run your malware scanners in auto mode or manual. I tend to have scanners not work or they want to run at the same time. Specifically super anti spyware,combo fix, and spybot. Also my emsisoft and sophos tends to mark d7ii.exe as a threat.

Number one.. Backup.. Depending on the client/job either User Profile or Image the drive or both

Why? More so with Notebooks.. have had the HDD's fail during the the removal/cleanup process.. This is despite the following step giving the all clear..

Number 2: HDD SMART check.. .. Truly this can give you clues to potential heartache.... Earlier this year I had a run of Toshiba notebooks that had the HDD fail (heads) 7 in a week!

then follow the preferred procedure for the clients issue.. BTW.. having the Image for the drive is also very helpful if you manage to hose the OS during the malware removal procedure (if you can afford that waste of time).